Since 2019, as part of its strategy of enhancing transparency and accessibility through proactive stakeholder engagement, the PCAOB has been engaging with audit committee chairs at U.S. public companies that have had audits inspected by the PCAOB during the year.  The PCAOB staff continued this outreach to audit committee chairs during 2021, engaging in conversations with over 240 audit committee chairs. The results are discussed in this new report.  The discussions involved required communications between the auditor with the audit committee and discussions outside of required communications, auditor strengths and weaknesses, PCAOB inspection reports, quality control, use of technology and matters outside of the financial statements. The PCAOB believes that the audit committee's oversight of the auditor and the audit process is a critical job. Accordingly, "engaged and informed audit committees can be a force for elevating audit quality to the benefit of investors and our capital markets broadly."

Required communications.  Under applicable auditing standards (AS 1301), auditors are required to communicate with audit committees about certain matters related to the audit.  Top areas that audit committee chairs mentioned as part of their discussions of accounting policies and practices were impairments and goodwill accounting issues, the accounting implications of COVID-19 on the economy, revenue recognition and credit losses. Critical audit matters were also an important issue, particularly how CAMs were identified and disclosed.  There was also regular discussion about the "conduct of the audit, including planning, scope, procedures, auditor needs, levels of cooperation, new standards, and other developments."  With regard to the auditor's views of the quality of the company's financial reporting, the report indicates that "over a dozen audit committee chairs said they spent significant time with their auditors discussing matters related to controls, notably in the context of cybersecurity incidents, the implementation of information technology (such as enterprise-wide systems), and the impact of spinoffs and other transactions related to capital structure." Also frequently discussed was the impact of COVID-19 on company liquidity, going-concern assessments, disclosures and conduct of the audit in the remote environment. Auditor independence was also an important topic as was risk, particularly "high-risk areas and risks related to fraud, changes in accounting practices, and management override of controls."  When asked what made for a successful meeting, audit committee chairs identified thorough preparation (including pre-meeting previews and advance views of documentation), ongoing and less-scripted dialogue and prioritization of key issues, including some "deep dives" on important or emerging topics.

Discussion outside of required communications.  Audit committee chairs tended to focus on three areas outside of required communications: whether management is setting the right "tone at the top" and the quality of key management positions and departments, especially accounting and finance; "big picture" topics, such as the economy and the industry, including industry trends, challenges and potential issues; and the regulatory environment, particularly regarding accounting and auditing matters.

Auditor strengths and weaknesses. Audit committee chairs appreciated auditors' comprehensive and timely communications, especially when candid and free of promotion; deep knowledge of the industry sector; proactive approach (raising yellow flags), availability and responsiveness; and use of technology, such as automation, data analytics and artificial intelligence. Areas that could stand some improvement included last-minute scrambles and pileups; use of more technology in some cases to improve effectiveness; management of costs and fees; select communication shortfalls, including with internal audit; and turnover issues.

PCAOB inspection reports. Inspection reports from the PCAOB, which summarize any deficiencies found in the reviews of selected audit engagements and other violations of PCAOB rules, can be useful for improving audit quality.  About 70% of audit committee chairs surveyed indicated that they reviewed the reports or discussed them with their auditors. Audit committee chairs found the reports useful to provide warning signs, identify trends in findings and learn how the firm responds to the report. The reports also helped the chairs compare how firms were performing, especially with respect to inspection findings, and served as jumping-off points for further discussion. Chairs did, however, identify some problems with the reports, including timeliness and inadequate detail.

Audit firms' quality control systems. Although chairs generally viewed firms' quality control as satisfactory, some added the qualification that they could provide only "high-level" impressions. Some chairs highlighted the "value of robust, consistent firm processes across the U.S. firms and the global networks"; continuing education provided; layers of review, especially "engagement quality reviewers, consultations with the national office, and industry or topic specialists"; and strong emphasis on tone at the top and sound governance.

Annual auditor assessments. About 75% of the respondent chairs indicated that they did conduct annual reviews of the external auditor. Many committees used surveys, checklists and questionnaires to "gauge auditor proficiency, independence, engagement with management, and other topics." Management surveys were also often used, and assessment discussion meetings were frequently held. In some instances, chairs held multiple meetings: "one session with the auditors, one with management, and one with only audit committee members."

Use of technology. The PCAOB also asked audit committee chairs about the use of emerging technologies. Of chairs responding, about 90% said "that they were not aware of limitations on the auditor's use of technology." Data analytics was most often identified as a potentially transformative technology, helping "auditors to spot anomalies (particularly in areas such as revenue recognition), to detect fraud, and to identify and assess risk." Similarly, automation offered the potential to significantly increase efficiencies and reduce costs. Chairs also said that "technology will enable auditors to test entire data sets, reducing the need for sample testing."

Technology also posed a number of challenges, perhaps most obviously, cybersecurity, which "permeated" the PCAOB's discussions with audit committee chairs last year: chairs worried that, just like at public companies, "technology systems at audit firms are vulnerable to hacking."  In addition, chairs stressed the importance of "quality control in the use of technology. As [the PCAOB] heard repeatedly, low-grade information cannot be predictive. In the view of one audit committee chair, automation can make people lazy, which is why checks and balances are essential as automation becomes more prevalent." While technology has much potential, "emerging" technologies are just that:  in the "early stages of adoption and utility, with plenty of room for improvement." It was also important to recognize that they may "never be a silver bullet."

Information outside the financials. Some investors and other stakeholders have expressed strong interest in ESG and non-GAAP financial measures—matters outside of the financial statements.  About 75% of respondent chairs indicated that they have had discussions about these topics with their auditors, with about 70% citing ESG as a topic for discussion. The PCAOB had the impression that ESG was at the top of many audit committee agendas; however, at this point, auditor involvement "remained largely at a preliminary or high level. Particular areas of interest include discussion around accuracy of data, as well as the potential need for new processes or controls." Audit committee chairs also indicated that auditors "can be a source of perspective" on non-GAAP financial measures, such as EBITDA. According to the report, chairs "emphasized that audit committees need a full understanding of such information and how they reconcile with GAAP."

SideBar

The SEC's new climate disclosure proposal, if adopted as proposed, would certainly cause auditors to become more directly involved in climate aspects of ESG disclosure.  First, the SEC has proposed to add a new note to the audited financial statements that would require disclosure of specified climate-related financial statement metrics that are mainly derived from financial statement line items. The proposed rules would require disclosure under the following three categories of information: financial impact metrics; expenditure metrics; and financial estimates and assumptions. Because the disclosures would be included in the audited financial statements, the disclosures would be included in the scope of the audit, subject to audit by an independent registered public accounting firm, and within the scope of the company's internal control over financial reporting.

The SEC has also proposed to require that all companies disclose their Scopes 1 and 2 GHG emissions on a phased-in basis, with some larger companies also required to provide Scope 3 in certain circumstances.  Under the proposal, each accelerated and large accelerated filer would also be required to include in its filings an attestation report covering the disclosure of its Scope 1 and Scope 2 emissions. The attestations would be required to provide limited assurance that scales up to reasonable assurance after a specified transition period. The attestation service provider may, but need not, be a registered public accounting firm.  (See this PubCo post and this PubCo post.)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.